cybernews

fuite de donnée enregistrée

Latest News


CVE-2025-22243 - VMware NSX Manager UI Stored XSS Vulnerability

CVE ID : CVE-2025-22243
Published : June 4, 2025, 8:15 p.m. | 37 minutes ago
Description : VMware NSX Manager UI is vulnerable to a stored Cross-Site Scripting (XSS) attack due to improper input validation.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 04 Jun 2025 20:15:00 GMT

read more

CVE-2025-22244 - VMware NSX Stored XSS Vulnerability

CVE ID : CVE-2025-22244
Published : June 4, 2025, 8:15 p.m. | 37 minutes ago
Description : VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the gateway firewall due to improper input validation.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 04 Jun 2025 20:15:00 GMT

read more

CVE-2025-22245 - VMware NSX Stored XSS Vulnerability

CVE ID : CVE-2025-22245
Published : June 4, 2025, 8:15 p.m. | 37 minutes ago
Description : VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the router port due to improper input validation.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 04 Jun 2025 20:15:00 GMT

read more

CVE-2025-31134 - FreshRSS Path Disclosure Vulnerability

CVE ID : CVE-2025-31134
Published : June 4, 2025, 8:15 p.m. | 37 minutes ago
Description : FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, an attacker can gain additional information about the server by checking if certain directories exist. An attacker can, for example, check if older PHP versions are installed or if certain software is installed on the server and potentially use that information to further attack the server. Version 1.26.2 contains a patch for the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Wed, 04 Jun 2025 20:15:00 GMT

read more

CVE-2025-31136 - FreshRSS Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2025-31136
Published : June 4, 2025, 8:15 p.m. | 37 minutes ago
Description : FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, it's possible to run arbitrary JavaScript on the feeds page. This occurs by combining a cross-site scripting (XSS) issue that occurs in `f.php` when SVG favicons are downloaded from an attacker-controlled feed containing `